Money lost by US companies due to the disruption caused by cybercrime is expected to continue to rise in the decade ahead. One of the most widespread attacks is the distributed denial of service attack (DDoS) - an assault on a server of network that tries to shut it down with a mass of unwanted Internet traffic.

SIP-based VoIP systems are one area of prime vulnerability as VoIP can create vulnerabilities for a company's communications if insufficient security precautions are taken.

Recent research by the University of the Aegean, the Institute of the Protection and Security of the Citizen in Italy and George Mason University in Virginia has outlined the possibility that machine learning could help companies protect their VoIP-based communications from DDoS.

Implementing or upgrading an enterprise phone system is a huge investment, and you've likely discovered that it is not an easy task.

The vulnerable link in VoIP communications is considered to be the SIP server used to make VoIP calls as this acts as the nexus between two users on a call. It also gives out billing and accounting information for service providers and information on intrusion attempts.

The researchers in Greece have been working with five machine-learning algorithms as part of their VoIP security experiments, including neural networks and decision trees. The team has created a test bed, a simulation of typical VoIP infrastructure set-ups, and has been running these through simulated DDoS attacks.

The algorithms have been tested using both normal traffic levels as well as the much higher traffic associated with DDoS attacks. Algorithms like decision trees and Random Forest perform the best in detecting and potentially preventing the impact of a DDoS attack on a SIP server.

Machine learning has also been superior to conventional attack detection methods currently used within the VoIP industry.

Machine learning models can take a long time to build and involve considerable investment. But they are extremely useful in picking up the early stages of a DDoS attack and allowing an organization to react before a VoIP network is taken down.

It is also possible that machine learning will have further security applications against other cybersecurity threats, notably SQL injection, phishing and malware.

Currently, these methods are still at the experimental stage, but they demonstrate that advances in machine learning can have an impact on helping to protect vulnerable VoIP networks in the near future. The next step will be to evaluate the scope of these techniques under real time conditions.

Key Takeaways:• VoIP networks are regarded as vulnerable to cyberattacks, which continue to trend upwards and cost US businesses billions of dollar a year.• The SIP servers are considered to be among the most vulnerable areas for denial of service attacks.• Research into the area of machine learning has demonstrated that the technology can be effective at detecting the onset of both attacks designed to shut down a server as well as those that may just slow it down.• Both have implications for the quality of VoIP services provided to end customers. Machine learning may serve as an effective early warning system for in-house cyber security teams and software.